It would also speed up booking and flight scheduling for if use din conjunction with their automated booking and ticketing system it would indeed lessen the length of lines at airports. The most significant problem with RFID is that it is an active system that can be accessed, re-programmed and cloned into a number of identical copies, defeating the security purpose it was said to defeat. RFID tags unlike passive tags are easier to re-program for a user with the right tool can detect the needed information from a passport, encode it onto a new one and then be off on his way without anybody knowing about it. Tools and methods are widely available to programmers and hackers so the high-tech passport is truly just another waste of taxpayer money.

Europe has started to issue RFID passports that have unique codes that identify it as a fingerprint. The only problem is that the technology also opens a whole new avenue for hackers for a well-equipped person can remotely detect a passport with the right equipment from a distance without that person even knowing the data exchange. The move by the UK to move into high-tech passports was to lessen eh time it took to verify the true identity of the holders and of the passport itself. Fake passports would have none of the pre-set information encoded from the issuing office so they can easily be detected and security does the rest.

Four employees of a private Israeli Investigation Agency were found guilty to have employed Spyware to steal information from companies. The investigation firm, Modi’in Ezrahi has three of its employees were convicted and given jail terms from 9 months to one and a half year due to industrial espionage the authorities have been monitoring since 2005. This is a common practice of investigation agencies who regularly conduct espionage on rival firms of customers, selling the information they gather to the highest bidder. Corporate espionage is increasing as much as Cybercrime and is forcing many governments to take notice. This incident highlights the need for better protection from cyber criminals in the form of intrusion prevention systems and antivirus software. The authors of the Trojan horse program were sentenced to two and four years of jail time plus hefty fines.

They also report that the amount of malware has increased significantly with them growing ever complex making it harder for industry to cope unless there is mass infections. The initial detection of a threat mobilizes emergency centers that these software company’s have who work against the clock to provide updates to their many registered subscribers which they send updates to once they have the cure. They also send out updates to virus signature databases which allows the anti-virus, Intrusion detection and Prevention Systems to counter attacks by letting them recognize them hopefully in time to prevent mass infection.

Symantec Inc., one of the industry’s leaders in virus and internet protection software has released their analyses of malware activities that wanted to steal personal information for the year 2007. It shows that from Jan to Jun last year, there were almost 7,000 incidents of attacks on the internet and systems their software are protecting while almost double for the next half year. This trend is quite alarming for cyber attacks have grown considerably that more and more people are falling victim to such attacks. The company conducts their own hacker communications analyses and other intelligence by analyzing information they set in honey-pots (purposely set traps to track hacker activities) and the results their software sends in to them for analyses.

Network Intrusion Detection Systems have a sole purpose which is to analyze data packets entering a network while looking for signatures of known malware. These signatures are constantly updated as new threats are detected so they are always on the lookout for a growing number of threats that keep on getting better and better at what they do. A detection system checks for any suspicious activity and then notifies the right people who then do the desired actions that have been laid out. Much like a citizen who calls the cops to report a criminal, it works the same way with the system being the caller and the dispatcher in detection side, and the cops on the System Administration side who takes action and apprehends the suspected criminal. They are however quite dependent on the ability of their handlers (System Administrator’s) to handle the threat as it should be. Miscalculations or lack of action can render it useless defeating its purpose. A better solution will be discussed in the next post that is more pro-active in the quest to protect the corporate network.

The Sans Institute has been monitoring activity of a Trojan that has been using seemingly valid PDF files as a propagation method. Thought the risk is very low and no major incident has been seen, it may be signs of a new frontier malware authors are trying out. The Trojan installs itself as you open the infected Trojan and then opens the PDF as if nothing happened. The SANS institute has issued warnings that even though there are no major incidents of attacks, people should update their Adobe readers to the latest versions. They also advise users to turn off Adobe’s JavaScript facility. More detailed explanation of the incident from the Sans Institute Storm Center Diary entry.

This stiffer action when handling data includes high costs for as good as encryption systems are, they also cost a lot of money. Most have the cash to spend as in Europe and most of the Developed world but what of the millions in the developing world, should they suffer just because they could not afford the high-tech solutions available to countries and economies that have the cash to spend? That may be the case but remember that the internet connects us all in one big network and any holes in one side, is a hole in the whole net.

The IT industry hailed the coming of the social network as the next step in the evolution of the internet, and it truly is. But as much as we spend more time on our computers in the office and even when we get home, we expose ourselves to more and more threats, more than we could handle. In Europe, the trend in crime has moved into the mainstream internet with many crime organizations shifting from risky manual labor to safer online communications and operations. The various security leaks that resulted in millions of personal records being either lost or stolen have mounted to immeasurable levels the British government had to enforce stiffer data management protocol.

An Arizona man is facing charges of violations against the Computer Spyware Act and the Consumer Protection Act in Washington due to his offering of pop-up blocking software after first flooding his victims with tons of them. Call it creating your own market, the ploy however creative is one of the most damaging attacks in the It industry and is slated to be costing millions in lost dollars due to wasted resources. Spam and Pop-up’s, most of which are unsolicited can cause disruption to work in the office or home. Offering a tool for their removal, right after an intensive barrage that has your screen teeming with small windows is indeed the best time to offer such a product. As you install the removal/prevention tool, it bombards your pc with tons more of the same pop-up’s which just happened to be made by the accused man’s company itself.